Why Changing Your eBay Password Isn’t Enough

Changing your password after a data breach is great and all, but as far as protecting yourself after the eBay data breach, you’re not done yet.

Email addresses were also compromised in the attack, meaning the 128 million active eBay users have become phishing targets. Phishing is a deceptive tactic fraudsters use to trick you into divulging sensitive information. Now that they have your email address and a few other identifying bits of information (like your name, birthdate, physical address and phone number), hackers have a few ways they’ll try to play you.

Click With Caution

It’s not that difficult to put together an email that seems to come from a legitimate business — maybe it won’t be from eBay, but scammers will contact you and impersonate a person or companies you trust as a way of getting you to click on malicious links and share information they can use to commit financial fraud.

It sounds paranoid, but you need to read your emails with an abundance of skepticism (like in this story, when a hacker did a decent email impersonation of a friend). There’s no one-size-fits-all approach to phishing, so look out for messages asking you to update user accounts, confirm payment information, download something, take advantage of a deal or act quickly in the interest of saving money or protecting your identity — hackers know you’re feeling vulnerable after a breach like this, and they’ll play into your fears without hesitation.

Free Credit Check & MonitoringSign up for your Credit.com and get a FREE credit score plus personalized Action Plan to help you improve it. FREE and updated every 30 days. Get Started Now »

Think Beyond eBay

Consider how many online accounts you have. Shopping sites, banking, social media, news sites — these days, everything requires a login. Many of those use your email address as your username, and if your email address was stored on that compromised eBay database, a slew of your usernames has also been exposed. The eBay passwords were encrypted, but the company urged its users to change them anyway. If you use that password in conjunction with your email address for any other site, you should change it, too.

PayPal, which is a subsidiary of eBay, wasn’t impacted by this breach, the company said, but if you use the same email address and password for eBay and PayPal, you would be wise to change that, too. It doesn’t take much effort to make these updates, and it’s worth the time to protect your financial information, avoid fraud and prevent damage to your finances or credit.

There are a lot of great tips out there for creating strong, yet memorable, passwords (here are a few strategies you can use), and it’s a good idea to update your login credentials regularly, even when you’re not a data breach victim.

Why is this such a big deal? Fraud and identity theft can cause you some major headaches (seriously, there are horror stories) and proactively checking your bank accounts and credit information for unauthorized activity is the best way to avoid them. You should also check your free credit reports every year and look for inaccuracies, and you can use your credit score as an identity theft monitor, too. By checking your credit scores every month (which you can do for free on Credit.com), you will notice any sudden and unexpected changes in your score, which may indicate your identity has been compromised.

More on Identity Theft:

Sign up for our weekly newsletter.

Get the latest tips & advice from our team of 50+ credit & money experts, delivered to you via email each week. Sign up now.

Christine DiGangi covers personal finance for Credit.com. Previously, she managed communications for the Society of Professional Journalists, served as a copy editor of The New York Times News Service and worked as a reporter for the Oregonian and the News & Record. More by Christine DiGangi

Please note that our comments are moderated, so it may take a little time before you see them on the page. Thanks for your patience.

The offers that appear on Credit.com’s website are from companies from which Credit.com receives compensation. This compensation may influence the selection, appearance, and order of appearance of the offers listed on the website. However, this compensation also facilitates the provision by Credit.com of certain services to you at no charge. The website does not include all financial services companies or all of their available product and service offerings.

Certain credit cards and other financial products mentioned in this and other articles on Credit.com News & Advice may also be offered through Credit.com product pages, and Credit.com will be compensated if our users apply for and ultimately sign up for any of these cards or products. However, this relationship does not result in any preferential editorial treatment.